<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <title>Class: UsersController</title>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <meta http-equiv="Content-Script-Type" content="text/javascript" />
  <link rel="stylesheet" href=".././rdoc-style.css" type="text/css" media="screen" />
  <script type="text/javascript">
  // <![CDATA[

  function popupCode( url ) {
    window.open(url, "Code", "resizable=yes,scrollbars=yes,toolbar=no,status=no,height=150,width=400")
  }

  function toggleCode( id ) {
    if ( document.getElementById )
      elem = document.getElementById( id );
    else if ( document.all )
      elem = eval( "document.all." + id );
    else
      return false;

    elemStyle = elem.style;
    
    if ( elemStyle.display != "block" ) {
      elemStyle.display = "block"
    } else {
      elemStyle.display = "none"
    }

    return true;
  }
  
  // Make codeblocks hidden by default
  document.writeln( "<style type=\"text/css\">div.method-source-code { display: none }</style>" )
  
  // ]]>
  </script>

</head>
<body>



    <div id="classHeader">
        <table class="header-table">
        <tr class="top-aligned-row">
          <td><strong>Class</strong></td>
          <td class="class-name-in-header">UsersController</td>
        </tr>
        <tr class="top-aligned-row">
            <td><strong>In:</strong></td>
            <td>
                <a href="../files/app/controllers/users_controller_rb.html">
                app/controllers/users_controller.rb
                </a>
        <br />
            </td>
        </tr>

        <tr class="top-aligned-row">
            <td><strong>Parent:</strong></td>
            <td>
                <a href="ApplicationController.html">
                ApplicationController
               </a>
            </td>
        </tr>
        </table>
    </div>
  <!-- banner header -->

  <div id="bodyContent">



  <div id="contextContent">

    <div id="description">
      <p>
E&#8217; il controller della componente users, e fornisce le azioni per
gestire gli utenti. La gestione è formata dalle azioni di base, ovvero la
creazione, la modifica e la cancellazione, e dalle azioni per recuperare la
password.
</p>

    </div>


   </div>

    <div id="method-list">
      <h3 class="section-bar">Methods</h3>

      <div class="name-list">
      <a href="#M000032">create</a>&nbsp;&nbsp;
      <a href="#M000035">destroy</a>&nbsp;&nbsp;
      <a href="#M000033">edit</a>&nbsp;&nbsp;
      <a href="#M000030">index</a>&nbsp;&nbsp;
      <a href="#M000040">insert_new_password</a>&nbsp;&nbsp;
      <a href="#M000031">new</a>&nbsp;&nbsp;
      <a href="#M000038">new_password_reset</a>&nbsp;&nbsp;
      <a href="#M000037">register</a>&nbsp;&nbsp;
      <a href="#M000039">send_password_reset</a>&nbsp;&nbsp;
      <a href="#M000036">show</a>&nbsp;&nbsp;
      <a href="#M000034">update</a>&nbsp;&nbsp;
      </div>
    </div>

  </div>


    <!-- if includes -->

    <div id="section">





      


    <!-- if method_list -->
    <div id="methods">
      <h3 class="section-bar">Public Instance methods</h3>

      <div id="method-M000032" class="method-detail">
        <a name="M000032"></a>

        <div class="method-heading">
          <a href="#M000032" class="method-signature">
          <span class="method-name">create</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Aggiunge l&#8216;utente passato come parametro al database.
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000032-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000032-source">
<pre>
    <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 37</span>
37:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">create</span>
38:     <span class="ruby-ivar">@user</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">params</span>[<span class="ruby-identifier">:user</span>])
39:     <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">assessment</span> = <span class="ruby-constant">Assessment</span>.<span class="ruby-identifier">new</span>
40:     <span class="ruby-identifier">logger</span>.<span class="ruby-identifier">info</span> <span class="ruby-node">&quot; *** Dopo users.new: #{@user.password}&quot;</span>
41:     
42:     <span class="ruby-identifier">right</span> = <span class="ruby-keyword kw">false</span>
43:     
44:     <span class="ruby-keyword kw">if</span> <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">save</span>
45:       <span class="ruby-comment cmt"># Includo il codice per inviare la mail in un blocco begin-rescue-end (il try catch di java) poiché</span>
46:       <span class="ruby-comment cmt"># rails controlla se l'indirizzo di posta è corretto prima di inviare. Se questi non lo è viene generato</span>
47:       <span class="ruby-comment cmt"># un errore (da intendere come un'eccezione di java e non come un errore di esso).</span>
48:       <span class="ruby-keyword kw">begin</span>
49:         <span class="ruby-comment cmt"># Specifico che deve essere inviata la mail per la conferma della registrazione</span>
50:         <span class="ruby-constant">UserMailer</span>.<span class="ruby-identifier">deliver_registration_confirmation</span>(<span class="ruby-ivar">@user</span>)
51:         <span class="ruby-identifier">right</span> = <span class="ruby-keyword kw">true</span>
52:       <span class="ruby-keyword kw">rescue</span> <span class="ruby-constant">Net</span><span class="ruby-operator">::</span><span class="ruby-constant">SMTPFatalError</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">err</span>
53:         <span class="ruby-identifier">flash</span>.<span class="ruby-identifier">now</span>[<span class="ruby-identifier">:error</span>] = <span class="ruby-value str">&quot;Hey, questa e-mail non esiste!&quot;</span>
54:         <span class="ruby-identifier">logger</span>.<span class="ruby-identifier">warn</span> <span class="ruby-node">&quot;C'è stato un errore inviando il messaggio a questa e-mail #{@user.mail}:\n\t#{err}&quot;</span>
55:         <span class="ruby-comment cmt"># Dal momento in cui la'eccezione viene gestita l'utente è salvato: va cancellato</span>
56:         <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">destroy</span>
57:       <span class="ruby-keyword kw">end</span>
58:     <span class="ruby-keyword kw">else</span>
59:       <span class="ruby-identifier">flash</span>.<span class="ruby-identifier">now</span>[<span class="ruby-identifier">:error</span>] = <span class="ruby-value str">&quot;Ci sono stati problemi con la tua registrazione.&quot;</span>
60:     <span class="ruby-keyword kw">end</span>
61:     
62:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
63:       <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">right</span>
64:         <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-node">&quot;Abbiamo inviato un'e-mail all'indirizzo \&quot;#{@user.mail}\&quot;: essa contiene le istruzioni per confermare la registrazione&quot;</span>
65:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> { <span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">:controller</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;general&quot;</span>, <span class="ruby-identifier">:action</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;index&quot;</span> }
66:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span>  { <span class="ruby-identifier">render</span> <span class="ruby-identifier">:xml</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@user</span>, <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">:created</span>, <span class="ruby-identifier">:location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@user</span> }
67:       <span class="ruby-keyword kw">else</span>
68:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> { <span class="ruby-identifier">render</span> <span class="ruby-identifier">:action</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;new&quot;</span> }
69:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span>  { <span class="ruby-identifier">render</span> <span class="ruby-identifier">:xml</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">errors</span>, <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">:unprocessable_entity</span> }
70:       <span class="ruby-keyword kw">end</span>
71:     <span class="ruby-keyword kw">end</span>
72:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000035" class="method-detail">
        <a name="M000035"></a>

        <div class="method-heading">
          <a href="#M000035" class="method-signature">
          <span class="method-name">destroy</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Elimina l&#8216;utente specificato dall&#8216;id. Consentito soltanto
all&#8216;amministratore ed all&#8216;utente proprietario
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000035-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000035-source">
<pre>
     <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 137</span>
137:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">destroy</span>
138:     <span class="ruby-identifier">right</span> = <span class="ruby-keyword kw">false</span>
139:     
140:     <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">delete?</span>
141:       <span class="ruby-identifier">user</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">find_by_id</span>(<span class="ruby-identifier">params</span>[<span class="ruby-identifier">:id</span>])
142:       
143:       <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">owner_or_admin</span>(<span class="ruby-identifier">user</span>.<span class="ruby-identifier">username</span>)
144:         <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">owner</span>(<span class="ruby-identifier">user</span>.<span class="ruby-identifier">username</span>)
145:           <span class="ruby-ivar">@user_session</span>.<span class="ruby-identifier">log_out_user!</span>
146:         <span class="ruby-keyword kw">end</span>
147:         <span class="ruby-identifier">user</span>.<span class="ruby-identifier">destroy</span>
148:         <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-value str">'Utente cancellato con successo.'</span>
149:         <span class="ruby-identifier">right</span> = <span class="ruby-keyword kw">true</span>
150:       <span class="ruby-keyword kw">else</span>
151:         <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:warning</span>] = <span class="ruby-value str">&quot;Non sei autorizzato a fare questo!&quot;</span>
152:       <span class="ruby-keyword kw">end</span>
153:     <span class="ruby-keyword kw">end</span>
154:     
155:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
156:       <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">right</span>
157:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">:controller</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;general&quot;</span>, <span class="ruby-identifier">:action</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;index&quot;</span>}
158:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> { <span class="ruby-identifier">head</span> <span class="ruby-identifier">:ok</span> }
159:       <span class="ruby-keyword kw">else</span>
160:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">:controller</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;general&quot;</span>, <span class="ruby-identifier">:action</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;index&quot;</span>, <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">401</span>}
161:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> {<span class="ruby-identifier">head</span> <span class="ruby-value">401</span>}
162:       <span class="ruby-keyword kw">end</span>
163:     <span class="ruby-keyword kw">end</span>
164:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000033" class="method-detail">
        <a name="M000033"></a>

        <div class="method-heading">
          <a href="#M000033" class="method-signature">
          <span class="method-name">edit</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Recupera l&#8216;utente che ha l&#8216;id passato come parametro, se
l&#8216;utente è il proprietario oppure è l&#8216;amministratore.
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000033-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000033-source">
<pre>
    <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 76</span>
76:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">edit</span>
77:     <span class="ruby-identifier">logger</span>.<span class="ruby-identifier">info</span> <span class="ruby-node">&quot;UserController, edit, id: #{params[:id]}&quot;</span>
78:     <span class="ruby-identifier">user</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">find_by_id</span>(<span class="ruby-identifier">params</span>[<span class="ruby-identifier">:id</span>])
79:     
80:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
81:       <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">owner_or_admin</span>(<span class="ruby-identifier">user</span>.<span class="ruby-identifier">username</span>)
82:         <span class="ruby-ivar">@user</span> = <span class="ruby-identifier">user</span>
83:         <span class="ruby-identifier">logger</span>.<span class="ruby-identifier">info</span> <span class="ruby-node">&quot;Utente: #{@user.username}&quot;</span>
84:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span>
85:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> {<span class="ruby-identifier">head</span> <span class="ruby-identifier">:ok</span>}
86:       <span class="ruby-keyword kw">else</span>
87:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">root_path</span>, <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">401</span>}
88:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> {<span class="ruby-identifier">head</span> <span class="ruby-value">401</span>}
89:       <span class="ruby-keyword kw">end</span>
90:     <span class="ruby-keyword kw">end</span>
91:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000030" class="method-detail">
        <a name="M000030"></a>

        <div class="method-heading">
          <a href="#M000030" class="method-signature">
          <span class="method-name">index</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Indice degli utenti. Accessibile soltanto all&#8216;amministratore
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000030-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000030-source">
<pre>
    <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 18</span>
18:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">index</span>
19:     <span class="ruby-ivar">@users</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">paginate</span> <span class="ruby-identifier">:per_page</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">3</span>, <span class="ruby-identifier">:page</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">params</span>[<span class="ruby-identifier">:page</span>], <span class="ruby-identifier">:order</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">'username'</span>
20:     
21:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
22:       <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span>
23:       <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span>  { <span class="ruby-identifier">render</span> <span class="ruby-identifier">:xml</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@users</span> }
24:     <span class="ruby-keyword kw">end</span>
25:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000040" class="method-detail">
        <a name="M000040"></a>

        <div class="method-heading">
          <a href="#M000040" class="method-signature">
          <span class="method-name">insert_new_password</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Completa il reset della password, recuperando l&#8216;utente corrispondente
alla mail e confrontando il codice di identificazione passato con quello
calcolato. Se l&#8216;utente non è presente nel database, oppure il codice
non corrisponde, non succede niente. Questa azione viene raggiunta dal link
sulla mail di reset.
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000040-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000040-source">
<pre>
     <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 273</span>
273:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">insert_new_password</span>
274:     <span class="ruby-identifier">user</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">find_by_mail</span>(<span class="ruby-identifier">params</span>[<span class="ruby-identifier">:mail</span>])
275:     <span class="ruby-identifier">right</span> = <span class="ruby-keyword kw">false</span>
276:     
277:     <span class="ruby-keyword kw">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">user</span>.<span class="ruby-identifier">blank?</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">user</span>.<span class="ruby-identifier">is_active?</span>
278:       <span class="ruby-identifier">calculated_password</span> = <span class="ruby-constant">UserMailer</span>.<span class="ruby-identifier">encrypted_reset_code</span> <span class="ruby-identifier">user</span>.<span class="ruby-identifier">id</span>, <span class="ruby-identifier">user</span>.<span class="ruby-identifier">mail</span>
279:       <span class="ruby-identifier">logger</span>.<span class="ruby-identifier">info</span> <span class="ruby-node">&quot;Password trovate:\n\tMail: #{params[:code]}\n\tCalcolata: #{calculated_password}&quot;</span>
280:       <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">calculated_password</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">params</span>[<span class="ruby-identifier">:code</span>]
281:         <span class="ruby-ivar">@user_session</span>.<span class="ruby-identifier">log_out_user!</span> <span class="ruby-comment cmt"># Logout dell'utente loggato.</span>
282:         <span class="ruby-ivar">@user_session</span>.<span class="ruby-identifier">log_in_user</span>(<span class="ruby-identifier">user</span>)
283:         <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-node">&quot;#{user.username}, vuoi cambiare la tua password&quot;</span>
284:         <span class="ruby-identifier">right</span> = <span class="ruby-keyword kw">true</span>
285:       <span class="ruby-keyword kw">else</span>
286:         <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:warning</span>] = <span class="ruby-value str">&quot;Pensiamo che non puoi fare quello che stai cercando di fare. Cosa stai cercando di fare!?&quot;</span>
287:       <span class="ruby-keyword kw">end</span>
288:     <span class="ruby-keyword kw">else</span>
289:       <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-value str">&quot;Scusaci, utente non trovato o non registrato.&quot;</span>
290:     <span class="ruby-keyword kw">end</span>
291:     
292:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
293:       <span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">right</span>
294:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">root_path</span>, <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">401</span>}
295:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> { <span class="ruby-identifier">head</span> <span class="ruby-identifier">:unauthorized</span> }
296:       <span class="ruby-keyword kw">else</span>
297:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">:action</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">'edit'</span>, <span class="ruby-identifier">:id</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">user</span>.<span class="ruby-identifier">id</span>}
298:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> { <span class="ruby-identifier">head</span> <span class="ruby-identifier">:ok</span> }
299:       <span class="ruby-keyword kw">end</span>
300:     <span class="ruby-keyword kw">end</span>
301:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000031" class="method-detail">
        <a name="M000031"></a>

        <div class="method-heading">
          <a href="#M000031" class="method-signature">
          <span class="method-name">new</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000031-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000031-source">
<pre>
    <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 27</span>
27:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">new</span>
28:     <span class="ruby-ivar">@user</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">new</span>
29:     
30:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
31:       <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span>
32:       <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span>  { <span class="ruby-identifier">render</span> <span class="ruby-identifier">:xml</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@user</span> }
33:     <span class="ruby-keyword kw">end</span>
34:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000038" class="method-detail">
        <a name="M000038"></a>

        <div class="method-heading">
          <a href="#M000038" class="method-signature">
          <span class="method-name">new_password_reset</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Prepara l&#8216;attributo mail per la vista associata, che consente di
inviare l&#8216;e-mail per resettare la password.
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000038-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000038-source">
<pre>
     <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 219</span>
219:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">new_password_reset</span>
220:     <span class="ruby-ivar">@email</span> = <span class="ruby-value str">&quot;&quot;</span>
221:     
222:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
223:       <span class="ruby-identifier">format</span>.<span class="ruby-identifier">js</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">xhr?</span>
224:       <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span>
225:       <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span>  { <span class="ruby-identifier">render</span> <span class="ruby-identifier">:xml</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@email</span> }
226:     <span class="ruby-keyword kw">end</span>
227:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000037" class="method-detail">
        <a name="M000037"></a>

        <div class="method-heading">
          <a href="#M000037" class="method-signature">
          <span class="method-name">register</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Questa azione conferma la registrazione dell&#8216;utente specificato
dall&#8216;id passato come parametro. Se l&#8216;id non è valido, oppure
l&#8216;utente è già attivo, non viene eseguita alcuna operazione. Il
link per arrivare a questa azione è nella mail inviata all&#8216;utente
che l&#8216;ha richiesta, nell&#8216;azione <a
href="UsersController.html#M000032">create</a>.
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000037-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000037-source">
<pre>
     <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 189</span>
189:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">register</span>
190:     <span class="ruby-comment cmt"># Controllo che l'utente esiste nel database</span>
191:     <span class="ruby-ivar">@user</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">find_by_id</span>(<span class="ruby-identifier">params</span>[<span class="ruby-identifier">:id</span>])
192:     
193:     <span class="ruby-comment cmt"># Se l'utente non esiste lo mando ad una pagina in cui lo avviso di questo</span>
194:     <span class="ruby-keyword kw">if</span> <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">blank?</span>
195:       <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-value str">&quot;Non hai confermato la registrazione in tempo o non lo hai mai fatto: in entrambi i casi devi rifare il procedimento di registrazione dall'inizio per essere registrato&quot;</span>
196:     <span class="ruby-keyword kw">elsif</span> <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">is_active?</span>
197:       <span class="ruby-comment cmt"># In questo caso l'utente è giò confermato e segue nuovamente il link</span>
198:       <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-value str">&quot;La tua registrazione &amp;egrave; gi&amp;agrave; stata confermata.&quot;</span>
199:     <span class="ruby-keyword kw">else</span>
200:       <span class="ruby-comment cmt"># Utilizzo l'update attribute per non passare attraverso la validazione. Se usassi save, ci sarebbe la validazione, e dato che password sarebbe vuoto</span>
201:       <span class="ruby-comment cmt"># essa non consentirebbe di salvare l'utente. Per saltare la validazione potre chiamare save(false), ma in questo modo sono più sicuro di non fare</span>
202:       <span class="ruby-comment cmt"># cazzate</span>
203:       <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">update_attribute</span> <span class="ruby-identifier">:is_active</span>, <span class="ruby-keyword kw">true</span>
204:       
205:       <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-value str">&quot;Grazie per esserti unito a questo gioco. Speriamo ti diverta! Team HTD.&quot;</span>
206:     <span class="ruby-keyword kw">end</span>
207:     
208:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
209:       <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> { <span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">root_path</span> }
210:       <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> { <span class="ruby-identifier">head</span> <span class="ruby-identifier">:ok</span> }
211:     <span class="ruby-keyword kw">end</span>
212:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000039" class="method-detail">
        <a name="M000039"></a>

        <div class="method-heading">
          <a href="#M000039" class="method-signature">
          <span class="method-name">send_password_reset</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Invia la e-mail all&#8216;indirizzo specificato per il reset. Se la mail
non è presente nel database oppure non è valida, non succede niente.
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000039-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000039-source">
<pre>
     <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 235</span>
235:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">send_password_reset</span>
236:     <span class="ruby-identifier">mail</span> = <span class="ruby-identifier">params</span>[<span class="ruby-identifier">:email</span>]
237:     <span class="ruby-identifier">user</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">find_by_mail</span>(<span class="ruby-identifier">params</span>[<span class="ruby-identifier">:email</span>])
238:     <span class="ruby-keyword kw">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">user</span>.<span class="ruby-identifier">blank?</span>
239:       <span class="ruby-keyword kw">begin</span>
240:         <span class="ruby-constant">UserMailer</span>.<span class="ruby-identifier">deliver_reset_password</span>(<span class="ruby-identifier">user</span>)
241:         <span class="ruby-identifier">logger</span>.<span class="ruby-identifier">info</span> <span class="ruby-node">&quot;E-mail sent to \&quot;#{mail}\&quot; for doing password reset.&quot;</span>
242:         <span class="ruby-ivar">@msg</span> = <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-value str">&quot;Ti abbiamo inviato una e-mail con le istruzioni per cambiare la password.&quot;</span>
243:       <span class="ruby-keyword kw">rescue</span> <span class="ruby-constant">Net</span><span class="ruby-operator">::</span><span class="ruby-constant">SMTPFatalError</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">err</span>
244:         <span class="ruby-comment cmt"># L'errore si può verificare nel caso in cui l'indirizzo mail inserito al momento della registrazione</span>
245:         <span class="ruby-comment cmt"># è stato eliminato (dismesso ecc.)</span>
246:         <span class="ruby-identifier">logger</span>.<span class="ruby-identifier">warn</span> <span class="ruby-node">&quot;Problema nell'invio della mail per il reset della password: \&quot;#{err}\&quot;&quot;</span>
247:         <span class="ruby-ivar">@msg</span> = <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:error</span>] = <span class="ruby-node">&quot;L'e-mail inserita \&quot;#{mail}\&quot; non &amp;egrave; valida&quot;</span>
248:       <span class="ruby-keyword kw">end</span>
249:     <span class="ruby-keyword kw">else</span>
250:       <span class="ruby-identifier">logger</span>.<span class="ruby-identifier">info</span> <span class="ruby-node">&quot;Utente con mail \&quot;#{mail}\&quot; non pi&amp;ugrave; nel DB.&quot;</span>
251:       <span class="ruby-comment cmt"># Questo capita se l'indirizzo non sta più nel database</span>
252:       <span class="ruby-ivar">@msg</span> = <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:warning</span>] = <span class="ruby-node">&quot;Scusaci, la tua e-mail \&quot;#{mail}\&quot; non &amp;egrave; nel nostro database. L'hai dimenticata??&quot;</span>
253:     <span class="ruby-keyword kw">end</span>
254:     
255:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
256:       <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">xhr?</span>
257:         <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:warning</span>] = <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:error</span>] = <span class="ruby-keyword kw">nil</span>
258:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">js</span>
259:       <span class="ruby-keyword kw">else</span>
260:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">root_path</span>}
261:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> {<span class="ruby-identifier">head</span> <span class="ruby-identifier">:ok</span>}
262:       <span class="ruby-keyword kw">end</span>
263:     <span class="ruby-keyword kw">end</span>
264:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000036" class="method-detail">
        <a name="M000036"></a>

        <div class="method-heading">
          <a href="#M000036" class="method-signature">
          <span class="method-name">show</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Trova e mette a disposizione della vista l&#8216;utente specificato.
E&#8217; consentito sol al proprietario ed all&#8216;amministratore.
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000036-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000036-source">
<pre>
     <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 167</span>
167:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">show</span>
168:     <span class="ruby-ivar">@user</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">find_by_id</span>(<span class="ruby-identifier">params</span>[<span class="ruby-identifier">:id</span>])
169:     
170:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
171:       <span class="ruby-keyword kw">if</span> <span class="ruby-operator">!</span><span class="ruby-ivar">@user</span>.<span class="ruby-identifier">blank?</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">owner_or_admin</span>(<span class="ruby-ivar">@user</span>.<span class="ruby-identifier">username</span>)
172:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> <span class="ruby-comment cmt"># show.html.erb</span>
173:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span>  { <span class="ruby-identifier">render</span> <span class="ruby-identifier">:xml</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@user</span> }
174:       <span class="ruby-keyword kw">else</span>
175:         <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:warning</span>] = <span class="ruby-value str">&quot;Non sei autorizzato a vedere questo utente.&quot;</span>
176:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> { <span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">:controller</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;general&quot;</span>, <span class="ruby-identifier">:action</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;index&quot;</span>, <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">401</span> }
177:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> { <span class="ruby-identifier">head</span> <span class="ruby-identifier">:unauthorized</span> } <span class="ruby-comment cmt">#401</span>
178:       <span class="ruby-keyword kw">end</span>
179:     <span class="ruby-keyword kw">end</span>
180:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000034" class="method-detail">
        <a name="M000034"></a>

        <div class="method-heading">
          <a href="#M000034" class="method-signature">
          <span class="method-name">update</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Modifica un utente specificato dall&#8216;id. Questa azione è consentita
soltanto all&#8216;utnete proprietario od all&#8216;amministratore
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000034-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000034-source">
<pre>
     <span class="ruby-comment cmt"># File app/controllers/users_controller.rb, line 94</span>
 94:   <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">update</span>
 95:     <span class="ruby-identifier">right</span> = <span class="ruby-keyword kw">false</span>
 96:     <span class="ruby-identifier">unauthorized</span> = <span class="ruby-keyword kw">false</span>
 97:     
 98:     <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">put?</span>
 99:       <span class="ruby-ivar">@user</span> = <span class="ruby-constant">User</span>.<span class="ruby-identifier">find_by_id</span>(<span class="ruby-identifier">params</span>[<span class="ruby-identifier">:id</span>])
100:       
101:       <span class="ruby-identifier">msg</span> = <span class="ruby-node">&quot;Utente #{@user.username} &quot;</span>
102:       
103:       <span class="ruby-keyword kw">if</span> <span class="ruby-operator">!</span><span class="ruby-ivar">@user</span>.<span class="ruby-identifier">blank?</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">owner_or_admin</span>(<span class="ruby-ivar">@user</span>.<span class="ruby-identifier">username</span>)
104:         <span class="ruby-keyword kw">if</span> <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">update_attributes</span>(<span class="ruby-identifier">params</span>[<span class="ruby-identifier">:user</span>])
105:           <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-identifier">msg</span> <span class="ruby-operator">+</span> <span class="ruby-value str">&quot;modificato con successo&quot;</span>
106:           <span class="ruby-identifier">right</span> = <span class="ruby-keyword kw">true</span>
107:         <span class="ruby-keyword kw">else</span>
108:           <span class="ruby-identifier">flash</span>.<span class="ruby-identifier">now</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-identifier">msg</span> <span class="ruby-operator">+</span> <span class="ruby-value str">&quot;non modificato&quot;</span>
109:         <span class="ruby-keyword kw">end</span>
110:       <span class="ruby-keyword kw">else</span>
111:         <span class="ruby-identifier">unauthorized</span> = <span class="ruby-keyword kw">true</span>
112:         <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:warning</span>] = <span class="ruby-value str">&quot;Non sei autorizzato a fare questo!&quot;</span>
113:       <span class="ruby-keyword kw">end</span>
114:     <span class="ruby-keyword kw">end</span>
115:     
116:     <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
117:       <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">right</span>
118:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">:controller</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;users&quot;</span>, <span class="ruby-identifier">:action</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">&quot;show&quot;</span>, <span class="ruby-identifier">:id</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">id</span>}
119:         <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> { <span class="ruby-identifier">head</span> <span class="ruby-identifier">:ok</span> }
120:       <span class="ruby-keyword kw">else</span>
121:         <span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">unauthorized</span>
122:           <span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">put?</span>
123:             <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">:action</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">'edit'</span>, <span class="ruby-identifier">:id</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">params</span>[<span class="ruby-identifier">:id</span>], <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">405</span>} <span class="ruby-comment cmt"># Method not allowed</span>
124:           <span class="ruby-keyword kw">else</span>
125:             <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">render</span> <span class="ruby-identifier">:action</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">'edit'</span>}
126:           <span class="ruby-keyword kw">end</span>
127:           <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> {<span class="ruby-identifier">render</span> <span class="ruby-identifier">:xml</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@user</span>.<span class="ruby-identifier">errors</span>, <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">:unprocessable_entity</span>}
128:         <span class="ruby-keyword kw">else</span>
129:           <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> {<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">root_path</span>, <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">401</span>}
130:           <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> {<span class="ruby-identifier">head</span> <span class="ruby-value">401</span>}
131:         <span class="ruby-keyword kw">end</span>
132:       <span class="ruby-keyword kw">end</span>
133:     <span class="ruby-keyword kw">end</span>
134:   <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>


    </div>


  </div>


<div id="validator-badges">
  <p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
</div>

</body>
</html>